I am trying to create a new SSL certificate for one of my websites using Let's Encrypt, but I am getting an error.
Error : Fetching http://workbook.benefitscliffs.org/.well-known/acme-challenge/n1tOlCgj-Kqvodgso1biDbYZPINglGM77irk-Wm0sfg: Connection refused
So my traffic is going to the ALB using the HTTP protocol, but my load balancer listens only on 443.
So how should I verify my acme-challenge?
Can anyone help me with this?
Thank you
Then you need to fix that. Best practice is to listen on port 80 anyway, and when obtaining certs from Let's Encrypt using HTTP validation, your site must respond on port 80. It can redirect from there to 443 if desired, but it must respond on port 80.
Your ALB looks to be using a cert from Sectigo which is missing the intermediate chain. So, you need to fix that if you were not already aware.
The problem you describe looks like you are trying to get a cert for HTTPS between your origin server and the ALB.
Instead of trying to get the HTTP Challenge through the LB to your origin you could use the DNS Challenge instead. See these topics for details
When you get a certificate from Let’s Encrypt, our servers validate that you control the domain names in that certificate using “challenges,” as defined by the ACME standard. Most of the time, this validation is handled automatically by your ACME...
If your DNS provider is not supported by Certbot, you could consider using the acme.sh ACME client (see it on GitHub).
https://eff-certbot.readthedocs.io/en/stable/using.html#third-party-plugins
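
An added example, not part of the original thread: a preflight check, run before requesting a certificate with HTTP validation, that shows whether anything answers plain HTTP on port 80 for a challenge path and tells "Connection refused" (the error in the question) apart from a redirect or a normal response. The function name `preflight_http01` and the token `preflight-check` are made up for this sketch.

```python
import http.client
import socket
import sys

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"
REDIRECTS = {301, 302, 303, 307, 308}


def preflight_http01(host, port=80, token="preflight-check", timeout=5.0):
    """Return (verdict, detail) for a plain-HTTP GET of an ACME challenge path.

    The token is a made-up placeholder, so a 404 is an expected answer here:
    the check is whether anything responds on the port at all.
    """
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        # http.client does not follow redirects, so a 301 is reported as-is.
        conn.request("GET", CHALLENGE_PREFIX + token)
        resp = conn.getresponse()
        status, location = resp.status, resp.getheader("Location") or ""
    except ConnectionRefusedError:
        # The error from the question: no listener on this port.
        return ("refused", f"nothing is listening on {host}:{port}")
    except (socket.timeout, TimeoutError):
        # Packets silently dropped, e.g. by a firewall or security group rule.
        return ("timeout", f"no answer from {host}:{port} within {timeout}s")
    except (OSError, http.client.HTTPException) as exc:
        # DNS failure, reset connection, malformed response, and so on.
        return ("error", f"{type(exc).__name__}: {exc}")
    finally:
        conn.close()
    if status in REDIRECTS:
        return ("redirect", f"HTTP {status} -> {location}")
    return ("reachable", f"HTTP {status} on port {port}")


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: preflight.py <hostname>")
    verdict, detail = preflight_http01(sys.argv[1])
    print(f"{verdict}: {detail}")
    # Port 80 answering (directly or with a redirect) is the precondition.
    sys.exit(0 if verdict in ("redirect", "reachable") else 1)
```

A `refused` or `timeout` verdict means the port 80 listener is missing or blocked, which has to be fixed (or the DNS challenge used instead) before HTTP validation can succeed.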